I'm running W7 Pro x64 on my laptop and have been since its launch with no issues.
Last night I was working away when I received I notification telling me something had failed to run, I didn't take much notice, clicked OK and continued working. As normal I shutdown the laptop and turned it back on this morning.
The OS seems like its booting as normal but about half way through the startup programs loading I get a message telling me Windows Explorer has stopped working...restart program.
I have no option but to press restart, this starts the same sequence off again and gets to the same point and I get the message again...a never ending loop!
This is the error I recieve which I have had to type in manually as I cannot click on anything, so sorry for any typos.
Problem event name: APPCRASH
Application name: Explorer.EXE
Application version: 6.1.7600.16450
Application timestamp: 4aebab8d
Fault module name: Explorer.EXE
Fault module version: 6.1.7600.16450
Fault module timestamp: 4eabab8d
Exception code: c000041d
Exception offset: 000000000002cc2b
OS version: 6.1.7600.2.0.0.256.48
Local ID: 2057
Application Information 1: 9d35
I have spent quite a few hours googling the issue and so far have tried the following,
Scan disk, Repair from the OS disk (no faults found), boot in safe mode (exactly the same thing happens), CCleaner and full reg repair ran, full Malware and virus scan. I can also confirm that no new software or hardware was installed prior to the error occuring.
On a hunch I checked out my Kaspersky logs and found that several problem files had been removed. After restoring these items it worked again!
Only trouble is, every virus scan I do these items are now detected as dangerous objects. I did a test, removed the items and it crashed explorer again after a reboot. Restored the items again and it fixed the problem.
Kaspersky, Microsoft Security essentials, Symantec security check and MalwareBytes all detect the same issues. I don't want to delete them as I know the issue will come back but I don't want to leave them if they are dangerous. What should I do?
These are the objects:
C:\Windows\SysWOW64\hlp.dat is infected with Trojan.Bamital
C:\Windows\System32\hlp.dat is infected with Trojan.Bamital
C:\Users\Public\Documents\Server\hlp.dat is infected with Trojan.Bamital
C:\Users\Me\AppData\Local\Temp\oermsnawxc.exe is infected with Trojan.Gen
C:\Users\Me\AppData\Local\Temp\wsnacmoexr.exe is infected with Downloader
Can anyone help before I take the plunge and reinstall? Thanks in advance!
Edited by beckyboo, 11 September 2010 - 02:30 PM.